cve/2018/CVE-2018-7364.md

### [CVE-2018-7364](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7364)
![](https://img.shields.io/static/v1?label=Product&message=ZXIN10-European%20region&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen)

### Description

All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges.

### POC

#### Reference
- https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-7364](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7364)`
			`![](https://img.shields.io/static/v1?label=Product&message=ZXIN10-European%20region&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%3A%20Improper%20Access%20Control&color=brighgreen)`

			`### Description`

			`All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges.`

			`### POC`

			`#### Reference`
			`- https://github.com/orangecertcc/security-research/security/advisories/GHSA-34f2-7h57-rg7p`

			`#### Github`
			`No PoCs found on GitHub currently.`